Metasploit Tutorals

Friday, 14 October 2016

What the hell is an Exploit ???

What does exploit mean?

An exploit is the use of software, data, or commands to “exploit” a weakness in a computer system or program to carry out some form of malicious intent, such as a denial-of-service attack, Trojan horses, worms or viruses. The weakness in the system can be a bug, a glitch or simply a design vulnerability. A remote exploit exploits the security vulnerability without ever having prior access to the system. A local exploit needs prior access to the vulnerable system and usually involves increasing the privileges of the user account running the exploit. Those who utilize exploits often use social engineering to gain critical information needed to access the system. Many crackers (or hackers) take pride in their knowledge of software exploits and post them to a website to share or boast with other crackers. Web browsers and media players are often targets by crackers since they both have access to system information and can download files from the internet. Patches (or “fixes”) are intended to remedy these vulnerabilities as soon as they are revealed and are often distributed in software updates. Hence, it is vital to keep your software up-to-date in order to make sure that all known vulnerabilities patched. A zero-day exploit is one that the software’s creator has not yet discovered. To prevent losing data because of an attack taking advantage of an exploit, is a good idea to keep regular backups of your data saved on your computer.